<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>kali工具箱</title>
<script src="./static/bootstrap.min.js"></script>
<link rel="stylesheet" href="./static/main.css">
<link rel="stylesheet" href="./static/bootstrap.min.css">
<style type="text/css" id="syntaxhighlighteranchor"></style>
</head>
<main class="main-container ng-scope" ng-view="">
<div class="main receptacle post-view ng-scope">
<article class="entry ng-scope" ng-controller="EntryCtrl" ui-lightbox="">
<section class="entry-content ng-binding" ng-bind-html="postContentTrustedHtml">
<section class="l-section"><div class="l-section-h i-cf"><h2>Wfuzz Package Description</h2>
<p style="text-align: justify;">Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc), bruteforce GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/Password), Fuzzing,etc.</p>
<p>Some features:</p>
<ul>
<li>Multiple Injection points capability with multiple dictionaries</li>
<li>Recursion (When doing directory bruteforce)</li>
<li>Post, headers and authentication data brute forcing</li>
<li>Output to HTML</li>
<li>Colored output</li>
<li>Hide results by return code, word numbers, line numbers, regex</li>
<li>Cookies fuzzing</li>
<li>Multi threading</li>
<li>Proxy support</li>
<li>SOCK support</li>
<li>Time delays between requests</li>
<li>Authentication support (NTLM, Basic)</li>
<li>All parameters bruteforcing (POST and GET)</li>
<li>Multiple encoders per payload</li>
<li>Payload combinations with iterators</li>
<li>Baseline request (to filter results against)</li>
<li>Brute force HTTP methods</li>
<li>Multiple proxy support (each request through a different proxy)</li>
<li>HEAD scan (faster for resource discovery)</li>
<li>Dictionaries tailored for known applications (Weblogic, Iplanet, Tomcat, Domino, Oracle 9i, Vignette, Coldfusion and many more</li>
</ul>
<p>Source: http://www.edge-security.com/wfuzz.php<br>
<a href="http://www.edge-security.com/wfuzz.php" variation="deepblue" target="blank">Wfuzz Homepage</a> | <a href="http://git.kali.org/gitweb/?p=packages/wfuzz.git;a=summary" variation="deepblue" target="blank">Kali Wfuzz Repo</a></p>
<ul>
<li>Author: Christian Martorella, Carlos del ojo, Xavier Mendez aka Javi</li>
<li>License: GPLv2</li>
</ul>
<h3>Tools included in the wfuzz package</h3>
<h5>wfuzz – Web application bruteforcer</h5>
<code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="3b4954544f7b505a5752">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# wfuzz<br>
<br>
********************************************************<br>
* Wfuzz  2.0 - The Web Bruteforcer                     *<br>
********************************************************<br>
<br>
Usage: /usr/bin/wfuzz [options] &lt;url&gt;<br>
<br>
Options:<br>
-c              : Output with colors<br>
-v              : Verbose information<br>
-o printer          : Output format by stderr<br>
<br>
-p addr             : use Proxy (ip:port or ip:port-ip:port-ip:port)<br>
-x type             : use SOCK proxy (SOCKS4,SOCKS5)<br>
-t N                : Specify the number of threads (20 default)<br>
-s N                : Specify time delay between requests (0 default)<br>
<br>
-e &lt;type&gt;           : List of available encodings/payloads/iterators/printers<br>
-R depth            : Recursive path discovery<br>
-I              : Use HTTP HEAD instead of GET method (No HTML body responses).<br>
--follow            : Follow redirections<br>
<br>
-m iterator         : Specify iterator (product by default)<br>
-z payload          : Specify payload (type,parameters,encoding)<br>
-V alltype          : All parameters bruteforcing (allvars and allpost). No need for FUZZ keyword.<br>
<br>
-X              : Payload within HTTP methods (ex: "FUZZ HTTP/1.0"). No need for FUZZ keyword.<br>
-b cookie           : Specify a cookie for the requests<br>
-d postdata             : Use post data (ex: "id=FUZZ&amp;catalogue=1")<br>
-H headers              : Use headers (ex:"Host:www.mysite.com,Cookie:id=1312321&amp;user=FUZZ")<br>
<br>
--basic/ntlm/digest auth    : in format "user:pass" or "FUZZ:FUZZ" or "domain\FUZ2Z:FUZZ"<br>
<br>
--hc/hl/hw/hh N[,N]+        : Hide resposnes with the specified[s] code/lines/words/chars (Use BBB for taking values from baseline)<br>
--hs regex          : Hide responses with the specified regex within the response<br>
<br>
Keyword: FUZZ,FUZ2Z  wherever you put these words wfuzz will replace them by the payload selected.<br>
<br>
Example: - wfuzz.py -c -z file,commons.txt --hc 404 -o html http://www.site.com/FUZZ 2&gt; res.html<br>
     - wfuzz.py -c -z file,users.txt -z file,pass.txt --hc 404 http://www.site.com/log.asp?user=FUZZ&amp;pass=FUZ2Z<br>
     - wfuzz.py -c -z range,1-10 --hc=BBB http://www.site.com/FUZZ{something}<br>
<br>
       More examples in the README.</code>
<h3>wfuzz Usage Example</h3>
<p>Use colour output <b><i>(-c)</i></b>, a wordlist as a payload <b><i>(-z file,/usr/share/wfuzz/wordlist/general/common.txt)</i></b>, and hide 404 messages <b><i>(–hc 404)</i></b> to fuzz the given URL <b><i>(http://192.168.1.202/FUZZ)</i></b>:</p>
<code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="bbc9d4d4cffbd0dad7d2">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# wfuzz -c -z file,/usr/share/wfuzz/wordlist/general/common.txt --hc 404 http://192.168.1.202/FUZZ<br>
<br>
********************************************************<br>
* Wfuzz  2.0 - The Web Bruteforcer                     *<br>
********************************************************<br>
<br>
Target: http://192.168.1.202/FUZZ<br>
Payload type: file,/usr/share/wfuzz/wordlist/general/common.txt<br>
<br>
Total requests: 950<br>
==================================================================<br>
ID  Response   Lines      Word         Chars          Request    <br>
==================================================================<br>
<br>
00429:  C=200      4 L        25 W      177 Ch    " - index"<br>
00466:  C=301      9 L        28 W      319 Ch    " - javascript"</code>
</div></section><div style="display:none">
<script src="//s11.cnzz.com/z_stat.php?id=1260038378&web_id=1260038378" language="JavaScript"></script>
</div>
</main></body></html>
